DOCSLIB.ORG

Utmp, Wtmp

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Utmp, Wtmp SYSTEM PROGRAMMING From the book by STEWART WEISS 1 Chapter 2 Login Records, File I/O, and Performance 2 Concepts Covered • Man pages and Texinfo pages • The UNIX file I/O API • Reading, creating, and writing files • File descriptors • Kernel buffering • Kernel versus user mode and the cost of system calls • Timing programs • The utmp file • Detecting and reporting errors in system calls • Memory mapped I/O • open, creat, close, read, write, lseek, perror, ctime, localtime, utmpname, getutent, setutent, endutent, malloc, calloc, mmap, munmap, memcpy • Filters and regular expressions 3 Commands are (Usually) Programs • In UNIX, most commands are programs, almost always written in C. • Shell builtins (e.g., cd and exit) are not programs. • Some commands, such as pwd, are both shell builtins and programs. • By default the shell builtin pwd will be executed; or one can either type \pwd or /bin/pwd 4 Locating Command Binaries • The most common locations: /bin /usr/bin /usr/sbin: Administrative commands /usr/local/*: Packages installed after the OS installation /usr/local/bin: Commands that do not come with the UNIX distribution /usr/ucb: (ucb: University of California at Berkeley) 5 The who Command Displays info about who is currently using the system. Produces a listing such as: dsutton pts/1 Jul 23 20:22 (66-108-62-189.nyc.rr.com) ioannis pts/2 Jul 24 16:53 (freshwin.geo.hunter.cuny.edu) dplumer pts/3 Jul 26 11:34 (66-65-53-41.nyc.rr.com) rnoorzad pts/4 Jul 23 09:25 (death-valley.geo.hunter.cuny.edu) rnoorzad pts/5 Jul 23 09:25 (death-valley.geo.hunter.cuny.edu) sweiss pts/6 Jul 26 13:08 (70.ny325.east.verizon.net) 6 Researching Commands In UNIX 1. Read the relevant man page. 2. Follow the SEE ALSO links on the page. 3. Read the Texinfo page if the man page refers to it. 4. Search the manual. 5. Find and read the header (.h) files relevant to the command. 7 Reading Man Pages • man page for a command have the DESCRIPTION, SEE ALSO, and FILES sections • DESCRIPTION gives the details of usage. • For example, man page for who says: who has an optional file name argument and its default is /var/run/utmp which has the info about current logins. The optional argument can be /var/log/wtmp • We can infer that /var/run/utmp contains info about who is currently logged in. • There is a section of the man pages for the description of system file formats so man wtmp will bring the man page for the wtmp file. • /var/log/wtmp and /var/run/utmp are system files and they are described on the section 5 of the manual. • There we can learn that /var/log/wtmp contains information about who has logged in previously 8 Man Pages and Headers • All POSIX-compliant UNIX systems also contain man pages for all of the header files included by a function in the kernel's API. • For example • $ man stdlib.h will display the man page for the header file <stdlib.h> 9 Man Page Searching • To search for all man pages that contain a particular keyword in their one-line summaries in the NAME Section, you can type • $ man k keyword • To this work; whatis database should have been built when the man pages were installed. 10 Man Page Searching • $ man k utmp or • $ apropos utmp will list all man pages that contain the string utmp in their summaries. • On some systems apropos allow multiple keyword and regular expression searches. • The -a option makes search in man pages whose page names and/or NAME sections contain all keywords provided, as in: • $ apropos -a convert case toupper (3) - convert letter to upper or lower case FcToLower (3) - convert upper case ASCII to lower case tolower (3) - convert letter to upper or lower case towlower (3) - convert a wide character to lowercase towupper (3) - convert a wide character to uppercase XConvertCase (3) - convert keysyms 11 Man Page Searching: Examples • $ apropos -ar convert '\<case\>' • toupper (3) - convert letter to upper or lower case • FcToLower (3) - convert upper case ASCII to lower case • tolower (3) - convert letter to upper or lower case • $ apropos convert | grep '\<case\>' • FcToLower (3) - convert upper case ASCII to lower case • tolower (3) - convert letter to upper or lower case • toupper (3) - convert letter to upper or lower case • If the output list is still too long to be useful, you can lter it further with another instance of grep: • $ apropos convert | grep '\<case\>' | grep '\<ASCII\>' • FcToLower (3) - convert upper case ASCII to lower case 12 Texinfo • The man page for a command may not have enough content, SEE ALSO section will have a message such as the following: The full documentation for who is maintained as a Texinfo manual. If the info and who programs are properly installed at your site, the command info coreutils 'who invocation' should give you access to the complete manual. 13 Texinfo: info command • The info command brings Texinfo pages, an alternative to man pages. • To learn how to use the Texinfo viewer, type • info info • The information is stored in Texinfo as a tree-like structure. • An internal node represents a topic area, and its child nodes are specific to that topic. • The space bar will advance within the entire tree using BFS search. • Shortcuts are d (down) u (up) n (next) p (previous). 14 Digging Deeper into the who Command • The manual search on the utmp file outputs like: [Topic] [Title] [Chapter] [Brief Description] endutent [getutent] (3) - access utmp file entries getutent (3) - access utmp file entries getutid [getutent] (3) - access utmp file entries getutline [getutent] (3) - access utmp file entries login (3) - write utmp and wtmp entries logout [login] (3) - write utmp and wtmp entries pututline [getutent] (3) - access utmp file entries sessreg (1x) - manage utmp/wtmp entries for non-init clients setutent [getutent] (3) - access utmp file entries utmp [utmp] (5) - login records utmpname [getutent] (3) - access utmp file entries utmpx.h [utmpx] (0p) - user accounting database definitions wtmp [utmp] (5) - login records 15 Man Page for utmp • To display the specific chapter, type: $ man 5 utmp $ man S5 utmp • The beginning of the man page for utmp is displayed below (may change from distro to distro): NAME utmp, wtmp - login records SYNOPSIS #include <utmp.h> DESCRIPTION The utmp file allows one to discover information about who is currently using the system. There may be more users currently using the system, because not all programs use utmp logging. Warning: utmp must not be writable, because many system programs (foolishly) depend on its integrity. You risk faked system logfiles and modifications of system files if you leave utmp writable to any user. The file is a sequence of entries with the following structure declared in the include file (note that this is only one of several definitions around; details depend on the version of libc): (...) 16 Reading the Correct Header Files • echo int main() {return 0;} > empty.c • gcc -v empty.c • The output produced by gcc: #include "..." search starts here: #include <...> search starts here: your_current_working_dir/include /usr/local/include /usr/lib/gcc/x86_64-redhat-linux/4.4.5/include /usr/include End of search list 17 utmp.h (stripped down version) /* The structure describing an entry in the database of struct utmp previous logins . */ { struct lastlog short int ut_type ; // Type of login . { pid_t ut_pid ; // Process ID of login process . __time_t ll_time ; char ut_line [ UT_LINESIZE ]; // Devicename . char ll_line [ UT_LINESIZE ]; char ut_id [4]; // Inittab ID. char ll_host [ UT_HOSTSIZE ]; char ut_user [ UT_NAMESIZE ]; // Username . }; char ut_host [ UT_HOSTSIZE ]; // Hostname for remote login . /* The structure describing the status of a terminated struct exit_status ut_exit ; /* Exit status of a process process . This type is used in ‘struct utmp’ below . */ marked as DEAD_PROCESS .*/ struct exit_status long int ut_session ; // Session ID , used for windowing . { struct timeval ut_tv ; // Time entry was made . short int e_termination ; /* Process termination status .*/ int32_t ut_addr_v6 [4]; // Internet address of remote host . short int e_exit ; /* Process exit status . */ char __unused [20]; // Reserved for future use. }; }; /* The structure describing an entry in the user accounting database . */ 18 What Next? • We see, who opens the utmp.h and reads the structures in sequence and displaying the appropriate data for each login. • We will use this info as the basis for our own implementation of the command. 19 Writing who command • The program that implements the who command has two key tasks: • read the utmp structures from a file • display the information from a single utmp structure on the display device in a user friendly format. 20 Reading Structures From a File • A binary file, e.g., utmp: • Consists of a sequence of structures • Cannot be read using the C I/O functions, such as get(), getc(), fgets(), and scanf(), nor the istream methods in C++. • Suppose you do not know the methods of reading from a binary file. • You search man pages as: • $ man k binary file | grep read 21 Reading Structures From a File (Contd.) • Search result may give: • fread(), in Section 3, is part of the C Standard I/O Library. • read(), in Section 2, is the prototype of a system call. • Type: $ man 2 read NAME read - read from a file descriptor SYNOPSIS #include <unistd.h> ssize_t read(int fildes, void *buf, size_t nbyte); DESCRIPTION … 22 The Difference Between <stdio.h> and <unistd.h> • Functions fopen(), fread(), fwrite(), fclose(), etc. defined in <stdio.h> operates on FILE pointers and are part of ANSI C I/O Library. They are C functions one can use on any OS. • Functions open(), read(), write(), and close() are UNIX system calls defined in <unistd.h> • The <unistd.h> defines misc.
Load more

Recommended publications
  • Name Synopsis Description
    UTMP(5) Linux Programmer’sManual UTMP(5) NAME utmp, wtmp − login records SYNOPSIS #include <utmp.h> DESCRIPTION The utmp file allows one to discoverinformation about who is currently using the system. There may be more users currently using the system, because not all programs use utmp logging. Warning: utmp must not be writable by the user class "other", because manysystem programs (foolishly) depend on its integrity.You risk faked system logfiles and modifications of system files if you leave utmp writable to anyuser other than the owner and group owner of the file. The file is a sequence of utmp structures, declared as follows in <utmp.h> (note that this is only one of sev- eral definitions around; details depend on the version of libc): /* Values for ut_type field, below */ #define EMPTY 0/*Record does not contain valid info (formerly known as UT_UNKNOWN on Linux) */ #define RUN_LVL 1/*Change in system run-level (see init(8)) */ #define BOOT_TIME 2/*Time of system boot (in ut_tv)*/ #define NEW_TIME 3/*Time after system clock change (in ut_tv)*/ #define OLD_TIME 4/*Time before system clock change (in ut_tv)*/ #define INIT_PROCESS 5/*Process spawned by init(8) */ #define LOGIN_PROCESS 6 /* Session leader process for user login */ #define USER_PROCESS 7/*Normal process */ #define DEAD_PROCESS 8/*Terminated process */ #define ACCOUNTING 9/*Not implemented */ #define UT_LINESIZE 32 #define UT_NAMESIZE 32 #define UT_HOSTSIZE 256 struct exit_status { /* Type for ut_exit, below */ short int e_termination; /* Process termination status */ short int
    [Show full text]
  • Filesystem Hierarchy Standard
    Filesystem Hierarchy Standard LSB Workgroup, The Linux Foundation Filesystem Hierarchy Standard LSB Workgroup, The Linux Foundation Version 3.0 Publication date March 19, 2015 Copyright © 2015 The Linux Foundation Copyright © 1994-2004 Daniel Quinlan Copyright © 2001-2004 Paul 'Rusty' Russell Copyright © 2003-2004 Christopher Yeoh Abstract This standard consists of a set of requirements and guidelines for file and directory placement under UNIX-like operating systems. The guidelines are intended to support interoperability of applications, system administration tools, development tools, and scripts as well as greater uniformity of documentation for these systems. All trademarks and copyrights are owned by their owners, unless specifically noted otherwise. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark. Permission is granted to make and distribute verbatim copies of this standard provided the copyright and this permission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this standard under the conditions for verbatim copying, provided also that the title page is labeled as modified including a reference to the original standard, provided that information on retrieving the original standard is included, and provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Permission is granted to copy and distribute translations of this standard into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by the copyright holder. Dedication This release is dedicated to the memory of Christopher Yeoh, a long-time friend and colleague, and one of the original editors of the FHS.
    [Show full text]
  • UNIX Logs Agent User.S Guide
    IBM Tivoli Monitoring Version 6.2.3 Fix Pack 1 UNIX Logs Agent User’s Guide SC32-9471-05 IBM Tivoli Monitoring Version 6.2.3 Fix Pack 1 UNIX Logs Agent User’s Guide SC32-9471-05 Note Before using this information and the product it supports, read the information in “Notices” on page 99. This edition applies to version 6.2.3 Fix Pack 1 of the IBM Tivoli Monitoring: UNIX Logs Agent (5724-C04) and to all subsequent releases and modifications until otherwise indicated in new editions. © Copyright IBM Corporation 2005, 2012. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Tables ...............v HACMP_join_standby situation ......32 HACMP_network_down situation ......32 Chapter 1. Overview of the Monitoring HACMP_network_down_complete situation . 32 Agent for UNIX Logs .........1 HACMP_network_up situation .......32 HACMP_network_up_complete situation . 32 IBM Tivoli Monitoring overview........1 HACMP_node_down situation .......33 Features of the Monitoring Agent for UNIX Logs . 1 HACMP_node_down_complete situation . 33 New in this release ............2 HACMP_node_down_local situation .....33 Monitoring Agent for UNIX Logs components . 2 HACMP_node_down_local_complete situation . 33 User interface options ...........3 HACMP_node_down_remote situation ....33 HACMP_node_down_rmt_complete situation . 34 Chapter 2. Requirements and HACMP_node_up situation ........34 configuration for the monitoring agent . 5 HACMP_node_up_complete situation ....34 Requirements for the monitoring agent .....6 HACMP_node_up_local situation ......34 Monitoring syslog files on certain AIX 5.3 systems. 8 HACMP_node_up_local_complete situation . 34 Specifying the log files to monitor .......8 HACMP_node_up_remote situation .....35 Customer configuration file ........8 HACMP_node_up_remote_complete situation . 35 Customer configuration file format ......9 HACMP_release_service_addr situation ....35 Syslog daemon configuration file ......10 HACMP_release_takeover_addr situation .
    [Show full text]
  • The Complete Freebsd
    The Complete FreeBSD® If you find errors in this book, please report them to Greg Lehey <grog@Free- BSD.org> for inclusion in the errata list. The Complete FreeBSD® Fourth Edition Tenth anniversary version, 24 February 2006 Greg Lehey The Complete FreeBSD® by Greg Lehey <[email protected]> Copyright © 1996, 1997, 1999, 2002, 2003, 2006 by Greg Lehey. This book is licensed under the Creative Commons “Attribution-NonCommercial-ShareAlike 2.5” license. The full text is located at http://creativecommons.org/licenses/by-nc-sa/2.5/legalcode. You are free: • to copy, distribute, display, and perform the work • to make derivative works under the following conditions: • Attribution. You must attribute the work in the manner specified by the author or licensor. • Noncommercial. You may not use this work for commercial purposes. This clause is modified from the original by the provision: You may use this book for commercial purposes if you pay me the sum of USD 20 per copy printed (whether sold or not). You must also agree to allow inspection of printing records and other material necessary to confirm the royalty sums. The purpose of this clause is to make it attractive to negotiate sensible royalties before printing. • Share Alike. If you alter, transform, or build upon this work, you may distribute the resulting work only under a license identical to this one. • For any reuse or distribution, you must make clear to others the license terms of this work. • Any of these conditions can be waived if you get permission from the copyright holder. Your fair use and other rights are in no way affected by the above.
    [Show full text]
  • Linux Standard Base Core Specification 2.0.1
    Linux Standard Base Core Specification 2.0 .1 Linux Standard Base Core Specification 2.0 .1 Copyright © 2004 Free Standards Group Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". Portions of the text are copyrighted by the following parties: • The Regents of the University of California • Free Software Foundation • Ian F. Darwin • Paul Vixie • BSDI (now Wind River) • Andrew G Morgan • Jean-loup Gailly and Mark Adler • Massachusetts Institute of Technology These excerpts are being used in accordance with their respective licenses. Linux is a trademark of Linus Torvalds. UNIX a registered trademark of the Open Group in the United States and other countries. LSB is a trademark of the Free Standards Group in the USA and other countries. AMD is a trademark of Advanced Micro Devices, Inc. Intel and Itanium are registered trademarks and Intel386 is a trademarks of Intel Corporation. OpenGL is a registered trademark of Silicon Graphics, Inc. Specification Introduction Specification Introduction Table of Contents Foreword .......................................................................................................................................................................i Introduction ...............................................................................................................................................................
    [Show full text]
  • Managing Services and Faults in Oracle Solaris 11.1 • January 2014 Contents
    Managing Services and Faults in Oracle® Solaris 11.1 Part No: E29003–02 January 2014 Copyright © 1998, 2014, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT END USERS. Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including anyoperating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government. This software or hardware is developed for general use in a variety of information management applications.
    [Show full text]
  • Oracle Solaris Administration Common Tasks
    Oracle® Solaris Administration: Common Tasks Part No: 821–1451–11 December 2011 Copyright © 1998, 2011, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract,and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle America, Inc., 500 Oracle Parkway, Redwood City, CA 94065.
    [Show full text]
  • Secure Programming for Linux and Unix HOWTO
    Secure Programming for Linux and Unix HOWTO David A. Wheeler v3.010 Edition Copyright © 1999, 2000, 2001, 2002, 2003 David A. Wheeler v3.010, 3 March 2003 This book provides a set of design and implementation guidelines for writing secure programs for Linux and Unix systems. Such programs include application programs used as viewers of remote data, web applications (including CGI scripts), network servers, and setuid/setgid programs. Specific guidelines for C, C++, Java, Perl, PHP, Python, Tcl, and Ada95 are included. For a current version of the book, see http://www.dwheeler.com/secure−programs This book is Copyright (C) 1999−2003 David A. Wheeler. Permission is granted to copy, distribute and/or modify this book under the terms of the GNU Free Documentation License (GFDL), Version 1.1 or any later version published by the Free Software Foundation; with the invariant sections being ``About the Author'', with no Front−Cover Texts, and no Back−Cover texts. A copy of the license is included in the section entitled "GNU Free Documentation License". This book is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Secure Programming for Linux and Unix HOWTO Table of Contents Chapter 1. Introduction......................................................................................................................................1 Chapter 2. Background......................................................................................................................................4
    [Show full text]
  • Reflections on UNIX Vulnerabilities
    Reflections on UNIX Vulnerabilities Matt Bishop Department of Computer Science University of California at Davis Davis, CA 95616-8562 [email protected] Abstract—The UNIX operating system was developed in composition, or even the proper definition of policy. Instead, a friendly, collaborative environment without any particular it focuses on a particular category of security holes or predefined objectives. As it entered less friendly environments, vulnerabilities for the UNIX1 operating system. Because of expanded its functionality, and became the basis for commer- cial, infrastructure, and home systems, vulnerabilities in the the natural evolution of systems over the years that this paper system affected its robustness and security. This paper presents spans, I construe the terms “UNIX” and “UNIX operating a brief history of UNIX vulnerabilities, beginning with a report system” liberally, to include UNIX-like systems such as written in 1981–1983, but never published. It examines how the Linux. nature of vulnerabilities has (and has not) changed since then, A report I wrote in 1981, and expanded in 1983, motivates and presents some thoughts on the future of vulnerabilities in 2 the UNIX operating system and its variants and other UNIX- this reflection. That report presented several UNIX security like systems. vulnerabilities, and discussed their causes and how to fix them or, where no fixes were available, how to ameliorate Keywords-UNIX security; vulnerabilities; security policy; history; future them. It was circulated among computer security researchers, system administrators, and developers of UNIX systems, but was never published. I. INTRODUCTION This paper examines UNIX vulnerabilities, and their im- In 1981, computer security was not considered a main- pact on UNIX security, in three periods that are roughly stream subdiscipline of computer science.
    [Show full text]
  • The Murky Issue of Changing Process Identity: Revising “Setuid Demystified”
    d ropping unneeded process privi - leges promotes security but is notoriously d a n t s a fr i R , d i L m a d a s i Lva , a n d d av i d wa G n e R error-prone because of confusing set*id sys- tem calls with unclear semantics and subtle the murky issue of portability issues. To make things worse, changing process existing recipes to accomplish the task are identity: revising lacking, related manuals can be misleading, and the associated kernel subsystem might “setuid demystified” contain bugs. We therefore proclaim the Dan Tsafrir is a postdoctoral researcher at the IBM system as untrustworthy when it comes to T.J. Watson Research Center in New York. He is a the subject matter, and we suggest a defen- member of the advanced operating systems group and is interested in various aspects of operating sive, easy-to-use solution that addresses all systems. concerns. [email protected] Whenever you run a program, it assumes your Dilma da Silva is a researcher at the IBM T.J. Watson Research Center in New York. She manages the identity and you lend it all your power: Whatever Advanced Operating Systems group. Prior to joining you’re allowed to do, it too is allowed. This in- IBM, she was an Assistant Professor at University of cludes deleting your files, killing your other pro- Sao Paulo, Brazil. Her research in operating systems addresses the need for scalable and customizable grams, changing your password, and retrieving system software. your mail, for example.
    [Show full text]
  • Oracle Solaris Tunable Parameters Reference Manual Provides Reference Information About Oracle Solaris OS Kernel and Network Tunable Parameters
    Oracle® SolarisTunable Parameters Reference Manual Part No: E37386–04 September S 2013 Copyright © 2000, 2013, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT END USERS. Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including anyoperating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government. This software or hardware is developed for general use in a variety of information management applications.
    [Show full text]
  • The Linux-PAM System Administrators' Guide
    The Linux-PAM System Administrators' Guide Andrew G. Morgan <[email protected]> Thorsten Kukuk <[email protected]> The Linux-PAM System Administrators' Guide by Andrew G. Morgan and Thorsten Kukuk Version 1.1.2, 31. August 2010 Abstract This manual documents what a system-administrator needs to know about the Linux-PAM library. It covers the correct syntax of the PAM configuration file and discusses strategies for maintaining a secure system. 1. Introduction .................................................................................................................... 1 2. Some comments on the text .............................................................................................. 2 3. Overview ....................................................................................................................... 3 4. The Linux-PAM configuration file ..................................................................................... 5 4.1. Configuration file syntax ........................................................................................ 5 4.2. Directory based configuration ................................................................................. 8 4.3. Example configuration file entries ........................................................................... 8 5. Security issues .............................................................................................................. 11 5.1. If something goes wrong .....................................................................................
    [Show full text]